Problem turned out to be the login. I was not logging in as root in the SSH session. Once I did that it works. Not sure where to give a different user the same functionality, but at least I know where the problem is.
Thanks. James At 10:53 AM 1/2/2002 -0500, you wrote: >I don't use SSH Secure Shell, but my guess is you have two problems here: > >The window-in-a-window effect happens when you connect to a VNC server on >the same machine as the viewer you're running. You must have a server >running on display 0? > >You probably want to set your OUTGOING tunnel to listen on port 5901, then >try connecting to 127.0.0.1:1. > >To test, you can try telnetting into the tunnel. You should see a brief >message starting with "RFB" if you've connected to a VNC server. > >-----Original Message----- >From: Leite, Keith [mailto:[EMAIL PROTECTED]] >Sent: Monday, December 31, 2001 2:00 PM >To: '[EMAIL PROTECTED]' >Subject: RE: SSH Windows to Linux > > >Greetings, > >I have been following the this message thread and I would like >to say that I am trying to accomplish the same thing here. > >I am using SSH Secure Shell for Windows and I think I configured >it correctly. I set my OUTGOING Tunnel to listen on Port 22 and the DEST >Host is localhost and the DEST Port is 5900, I set it up to allow Local >connections only. > >It seems to make the connection but when I launch VNC from the PC running >Windows and point to the localhost or 127.0.0.1:5900 it seems to launch >almost a Window within a Window meaning it seems like I am connecting to >myself and it doesn't seem like my data is being forwarded through the >Tunnel. > >Do I have to make a INCOMING Tunnel also ??? > >Not too sure ... I understand the concept of connecting locally and let the >tunnel forwared traffic from the PC to the Linux box but it doesn't seem to >be forwarding .... > >Is there any test I can perform to verify that port 5900 is open for >business ??? > >ThanX Keith ... > >-----Original Message----- >From: David Brodbeck [mailto:[EMAIL PROTECTED]] >Sent: Monday, December 31, 2001 1:12 PM >To: '[EMAIL PROTECTED]' >Subject: RE: SSH Windows to Linux > > >When you make the connection through SSH, it will probably appear to come >from lo (the local interface), though it may depend on how you specify the >forwarding -- whether you use the loopback address or the machine's actual >IP. Try it and find out; if you deny all to port 5900 and it doesn't work, >you may have to add an allow rule for connections from the machine itself. > >I use TeraTerm Pro and the SSH plugin, and it works pretty well for me. You >should be able to use a host entry something like this to do what you want: > >remotemachine.foo.net:22/ssh /ssh-L5900:127.0.0.1:5900 > >This tells it to connect to remotemachine.foo.net, port 22, using the ssh >protocol. It then requests that port 5900 on the local machine be forwarded >to locahost port 5900 on the remote end. > >(I haven't tested this specifically, since I connect *through* the remote >machine to a third one, but it should work.) > >You would then fire up the VNC viewer and tell it to connect to localhost:0. > >-----Original Message----- >From: James Pifer [mailto:[EMAIL PROTECTED]] >Sent: Monday, December 31, 2001 12:58 PM >To: [EMAIL PROTECTED] >Subject: RE: SSH Windows to Linux > > >Have you gotten this to work? If so, what SSH client? I'm trying the >ssh-win32 that the VNC docs point you to. I set it up to forward the ports >but can't seem to make a connection. I get nothing. VNC doesn't ever come >back. No erros, nothing. Very weird. > >I am using ipchains. When you make a connection through SSH does Linux >think it's coming from the local trusted NIC? Not sure if that was clear. >Can I just completely block that port with ipchains and as long as I can >make the SSH connection I should be able to connect to VNC? > >Thanks, >James > >At 12:09 PM 12/31/2001 -0500, you wrote: > >You need to ask your SSH client to do port forwarding. How you do that >will > >depend on the client. Generally you'll ask it to, say, forward local port > >5900 to remote port 5900. Then you tell VNC to connect to port 5900 on your > >local machine, and SSH forwards it from there. > > > >Since you're running RedHat, the quickest way to keep VNC from accepting > >outside connections would probably be to block that port off with ipchains > >or iptables. > > > >-----Original Message----- > >From: James Pifer [mailto:[EMAIL PROTECTED]] > >Sent: Monday, December 31, 2001 11:41 AM > >To: [EMAIL PROTECTED] > >Subject: SSH Windows to Linux > > > > > >I know this has been asked before, but I'm not finding my answer so far. > >I've also read through the docs, but the holiday drinking must have made my > >brain a little mushy. > > > >I have a Redhat 7.2 server that I'm going to stick on the net. For this > >reason I obviously need it secure. Like many others, we're a windows shop > >not Linux. I can't figure out how to connect from a windows PC to a VNC > >session on Linux over SSH. > > > >I have SSH running on Redhat and can connect to it from two different > >Windows SSH clients. When I connect I get the $ prompt like a terminal > >session. > > > >How to a make a VNC connection? > > > >Also, how do I make sure that VNC will not accept normal connections? > > > >I've used Zebedee on windows in the past and then used the authosts > >registry setting to limit only connections from the local machine. > > > >Thanks. > >James > >--------------------------------------------------------------------- > >To unsubscribe, mail [EMAIL PROTECTED] with the line: > >'unsubscribe vnc-list' in the message BODY > >See also: http://www.uk.research.att.com/vnc/intouch.html > >--------------------------------------------------------------------- > >--------------------------------------------------------------------- > >To unsubscribe, mail [EMAIL PROTECTED] with the line: > >'unsubscribe vnc-list' in the message BODY > >See also: http://www.uk.research.att.com/vnc/intouch.html > >--------------------------------------------------------------------- >--------------------------------------------------------------------- >To unsubscribe, mail [EMAIL PROTECTED] with the line: >'unsubscribe vnc-list' in the message BODY >See also: http://www.uk.research.att.com/vnc/intouch.html >--------------------------------------------------------------------- >--------------------------------------------------------------------- >To unsubscribe, mail [EMAIL PROTECTED] with the line: >'unsubscribe vnc-list' in the message BODY >See also: http://www.uk.research.att.com/vnc/intouch.html >--------------------------------------------------------------------- >--------------------------------------------------------------------- >To unsubscribe, mail [EMAIL PROTECTED] with the line: >'unsubscribe vnc-list' in the message BODY >See also: http://www.uk.research.att.com/vnc/intouch.html >--------------------------------------------------------------------- >--------------------------------------------------------------------- >To unsubscribe, mail [EMAIL PROTECTED] with the line: >'unsubscribe vnc-list' in the message BODY >See also: http://www.uk.research.att.com/vnc/intouch.html >--------------------------------------------------------------------- --------------------------------------------------------------------- To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html ---------------------------------------------------------------------
